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The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )E3 Responsive to communication(s) filed on 23 August 2004 . 
2a)^ This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 7-30 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) U30 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1 ) □ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) 

2) CD Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) D Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) * 5 ) D Notice of Informal Patent Application (PTO-152) 

Paper No(s)/Mail Date . 6) □ Other: . 
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Status of Claims 

1. Claims 1-30 have been examined. 

Response to Arguments 

2, Applicant is of the opinion that the prior art of Bapat et al. do not teach the 
Applicant's system. Specifically, Applicant asserts that the prior art of Bapat et al. 
fails to teach: a role filter, associating abilities with a role, a capability filter, 
authorizing access to a protected resource based on a requestor's role. The 
Applicant admits that the prior art of Bapat et al. teaches access-control based 
management (Response to Office Action, 8-23-04, page 4). Therefore, in order 
for Bapat et al. to read on Applicant's claims, the prior art need only utilize "roles" 
to determine access control to protected resources. Webster's Ninth New 
Collegiate Dictionary defines a "role" as "an identifier attached to an index term to 
show functional relationship between terms". Hence, Bapat et al. teach "roles" as 
a user can be a member of a group (column/line 9/45-10/15), the group being a 
representation of a role, or roles, of the user in an organization, or at least within 

- the DBMS (abstract). Bapat et al. teach a "role filter" as the system uses the 
group name, or role, to filter out users who do not have access to an object 
(abstract; figures 5 and 6). Each group, or role, has capabilities (figure 4) and 
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access is determined based on whether the user has membership in a particular 
group and said group has access to the object (abstract; figures 4-6; column 10, 
lines 35-48). Finally, by Applicant's own admission the exact processes that the 
Applicant is attempting to claim is old and well-known (Response to Office 
Action, 8-23-04, page 4). Therefore, even if Bapat et al. were not to teach 
Applicant's system the claims would be reject-able under 102 in view of 
Applicant's own admitted prior art. 

Claims 6-10, 16-20, and 26-30 recite conditional language. More 
specifically, these claims fail to consider how the system is to perform if the 
condition does not hold. Conditional statements necessarily include two 
embodiments the "if case and the "if not" case. Hence, giving claims they're 
broadest reasonable interpretation, the prior art need only teach the "if not" case 
in order to read on the claim. For example, claim 8 recites selecting from the 
group comprising "principal", "resource", "capability" or "role". Hence, if the 
selection is, say, "role", then claim 9 doesn't occur. Or, if the selection is 
"resource" neither claim 9 or 10 occur. 

Applicant's arguments fail to comply with 37 CFR 1 .1 1 1(b) because they 
amount to a general allegation that the claims define a patentable invention 
without specifically pointing out how the language of the claims patentably 
distinguishes them from the references. 

Examiner maintains the rejection to claims 1-30. 
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Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 
Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

4. Claims 1-30 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Bapat et al., U.S. Patent 6,038,563. 

As per claims 1,11 and 21 , Bapat et al. teach a method for controlling 
access rights of a requesting principal to a protected resource in a computer 
system comprising: 

• associating a role filter with a role (column/line 9/45-1 0/1 5) 

• associating a set of one or more capabilities with the role (figure 4) 

• associating a capability filter with a capability in the set of one or 
more capabilities (abstract; column/line 9/45-10/15) 

• authorizing access for the requesting principal to the protected 
resource based on an association between the requesting principal 
and the role and based on an association between the protected 



Application/Control Number: 09/864,392 
Art Unit: 3621 



Page 5 



resource and a capability of the role (abstract; figures 4-6; column 
10, lines 35-48) 

As per claims 2-5, 12-15 and 22-25, Bapat et al. teach creating a 
database (DBMS) (e.g. hence data can be sorted, filtered, instantiated, searched, 
etc.) associates a user or principal with a group (role), assigns the group rights 
such as what resources the group and hence the user has access to. Further, as 
Bapat et al. implement their system using a DBMS to determine the access rights 
of a user who's trying to access a protected resource Bapat et al. clearly 
anticipate claims 6, 7, 16, 17, 26, and 27, as those claims merely describe the 
how a DBMS performs in response to a request from a user. Regarding claims 8- 
10, 18-20, and 28-30, Bapat et al. teach updating the database (figure 16D). In 
addition, Bapat et al. teach a user attempting to access a protected resource 
(abstract). Thus, in order to determine if the user is eligible to access said 
resource the system collates the user's group and access rights (e.g. 
capabilities) hence Bapat et al. teach the "determining", "searching" and "running" 
steps of claims 8, 18, and 28, and the filtering of claims 9, 10, 19, 20, 29 and 30. 

Conclusion 



5. 



THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of 
time policy as set forth in 37 CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply is 
filed within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1 .136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 



6. Any inquiry concerning this communication or earlier communications from 

the Examiner should be directed to Calvin Loyd Hewitt II whose telephone 
number is (703) 308-8057. The Examiner can normally be reached on Monday- 
Friday from 8:30 AM-5:00 PM. 

If attempts to reach the Examiner by telephone are unsuccessful, the 
Examiner's supervisor, James P. Trammell, can be reached at (703) 305-9768. 
Any response to this action should be mailed to: 
Commissioner of Patents and Trademarks 
c/o Technology Center 2100 
Washington, D.C. 20231 
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or faxed to: 

(703) 305-7687 (for formal communications intended for entry and 
after-final communications), 

or: 

(703) 746-5532 (for informal or draft communications, please label 
"PROPOSED" or "DRAFT") 
Hand-delivered responses should be brought to Crystal Park 5, 
2451 Crystal Drive, 7th Floor Receptionist. 

Any inquiry of a general nature or relating to the status of this application 
should be directed to the Group receptionist whose telephone number is (703) 
308-1113. 



Calvin Loyd Hewitt II 



